Example 6 with ServiceAccount
use of org.bf2.operator.resources.v1alpha1.ServiceAccount in project gapic-generator-java by googleapis.
the class SyncGetServiceAccountProjectname method syncGetServiceAccountProjectname.
public static void syncGetServiceAccountProjectname() throws Exception {
// It may require modifications to work in your environment.
try (StorageClient storageClient = StorageClient.create()) {
ProjectName project = ProjectName.of("[PROJECT]");
ServiceAccount response = storageClient.getServiceAccount(project);
}
}
Also used :
ServiceAccount(com.google.storage.v2.ServiceAccount)
ProjectName(com.google.storage.v2.ProjectName)
StorageClient(com.google.storage.v2.StorageClient)
Example 7 with ServiceAccount
use of org.bf2.operator.resources.v1alpha1.ServiceAccount in project kas-fleetshard by bf2fc6cc711aee1a0c2a.
the class KafkaCluster method addQuotaConfig.
private void addQuotaConfig(ManagedKafka managedKafka, Kafka current, Map<String, Object> config) {
config.put("client.quota.callback.class", IO_STRIMZI_KAFKA_QUOTA_STATIC_QUOTA_CALLBACK);
// Throttle at Ingress/Egress MB/sec per broker
config.put(QUOTA_PRODUCE, String.valueOf(getIngressBytes(managedKafka, current)));
config.put(QUOTA_FETCH, String.valueOf(getEgressBytes(managedKafka, current)));
// Start throttling when disk is above requested size. Full stop when only storageMinMargin is free.
Quantity maxDataRetentionSize = getAdjustedMaxDataRetentionSize(managedKafka, current);
long hardStorageLimit = Quantity.getAmountInBytes(maxDataRetentionSize).longValue() - Quantity.getAmountInBytes(storageMinMargin).longValue();
long softStorageLimit = Quantity.getAmountInBytes(maxDataRetentionSize).longValue() - getStoragePadding(managedKafka, current);
config.put("client.quota.callback.static.storage.soft", String.valueOf(softStorageLimit));
config.put("client.quota.callback.static.storage.hard", String.valueOf(hardStorageLimit));
// Check storage every storageCheckInterval seconds
config.put("client.quota.callback.static.storage.check-interval", String.valueOf(storageCheckInterval));
// Configure the quota plugin so that the canary is not subjected to the quota checks.
Optional<ServiceAccount> canaryServiceAccount = managedKafka.getServiceAccount(ServiceAccount.ServiceAccountName.Canary);
canaryServiceAccount.ifPresent(serviceAccount -> config.put("client.quota.callback.static.excluded.principal.name.list", serviceAccount.getPrincipal()));
config.put("quota.window.num", "30");
config.put("quota.window.size.seconds", "2");
}
Also used :
ServiceAccount(org.bf2.operator.resources.v1alpha1.ServiceAccount)
Quantity(io.fabric8.kubernetes.api.model.Quantity)
Example 8 with ServiceAccount
use of org.bf2.operator.resources.v1alpha1.ServiceAccount in project gapic-generator-java by googleapis.
the class SyncGetServiceAccountString method syncGetServiceAccountString.
public static void syncGetServiceAccountString() throws Exception {
// It may require modifications to work in your environment.
try (StorageClient storageClient = StorageClient.create()) {
String project = ProjectName.of("[PROJECT]").toString();
ServiceAccount response = storageClient.getServiceAccount(project);
}
}
Also used :
ServiceAccount(com.google.storage.v2.ServiceAccount)
StorageClient(com.google.storage.v2.StorageClient)
Example 9 with ServiceAccount
use of org.bf2.operator.resources.v1alpha1.ServiceAccount in project yakc by manusa.
the class AuthIT method retrieveSecretForServiceAccount.
private Secret retrieveSecretForServiceAccount() throws IOException {
final ServiceAccount sa = KC.create(CoreV1Api.class).listNamespacedServiceAccount(NAMESPACE).stream().findFirst().orElseThrow(() -> new AssertionError("No Service Account found"));
final String secretName = sa.getSecrets() == null ? null : sa.getSecrets().stream().findFirst().map(ObjectReference::getName).orElse(null);
if (secretName != null) {
return KC.create(CoreV1Api.class).listNamespacedSecret(NAMESPACE).stream().filter(s -> s.getType().equals("kubernetes.io/service-account-token")).filter(s -> s.getMetadata().getName().equals(secretName)).findAny().orElseThrow(() -> new AssertionError(String.format("Secret %s doesn't exist", secretName)));
} else {
// https://kubernetes.io/docs/concepts/configuration/secret/#service-account-token-secrets
final Secret serviceAccountTokenSecret = Secret.builder().metadata(ObjectMeta.builder().name(sa.getMetadata().getName() + "-token").putInAnnotations("kubernetes.io/service-account.name", sa.getMetadata().getName()).build()).type("kubernetes.io/service-account-token").putInStringData("token", "my-secret-token").build();
return KC.create(CoreV1Api.class).createNamespacedSecret(NAMESPACE, serviceAccountTokenSecret).get();
}
}
Also used :
Node(com.marcnuri.yakc.model.io.k8s.api.core.v1.Node)
KC(com.marcnuri.yakc.KubernetesClientExtension.KC)
Assertions.assertThat(org.assertj.core.api.Assertions.assertThat)
ServiceAccount(com.marcnuri.yakc.model.io.k8s.api.core.v1.ServiceAccount)
IOException(java.io.IOException)
Secret(com.marcnuri.yakc.model.io.k8s.api.core.v1.Secret)
Test(org.junit.jupiter.api.Test)
CoreV1Api(com.marcnuri.yakc.api.core.v1.CoreV1Api)
ObjectMeta(com.marcnuri.yakc.model.io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta)
Configuration(com.marcnuri.yakc.config.Configuration)
ExtendWith(org.junit.jupiter.api.extension.ExtendWith)
BeforeAll(org.junit.jupiter.api.BeforeAll)
ObjectReference(com.marcnuri.yakc.model.io.k8s.api.core.v1.ObjectReference)
Secret(com.marcnuri.yakc.model.io.k8s.api.core.v1.Secret)
ServiceAccount(com.marcnuri.yakc.model.io.k8s.api.core.v1.ServiceAccount)
ObjectReference(com.marcnuri.yakc.model.io.k8s.api.core.v1.ObjectReference)
Example 10 with ServiceAccount
use of org.bf2.operator.resources.v1alpha1.ServiceAccount in project yakc by manusa.
the class ServiceAccountIT method deleteNamespacedServiceAccount.
@Test
@DisplayName("deleteNamespacedServiceAccount, should delete existing ServiceAccount")
void deleteNamespacedServiceAccount() throws IOException {
// When
final ServiceAccount result = KC.create(CoreV1Api.class).deleteNamespacedServiceAccount(serviceAccountName, NAMESPACE, DeleteOptions.builder().propagationPolicy("Background").build()).get();
// Then
assertThat(result).isNotNull().extracting(ServiceAccount::getMetadata).hasFieldOrPropertyWithValue("name", serviceAccountName);
}
Also used :
ServiceAccount(com.marcnuri.yakc.model.io.k8s.api.core.v1.ServiceAccount)
Test(org.junit.jupiter.api.Test)
DisplayName(org.junit.jupiter.api.DisplayName)
Aggregations
ServiceAccount (com.google.storage.v2.ServiceAccount)4
StorageClient (com.google.storage.v2.StorageClient)4
ServiceAccount (com.marcnuri.yakc.model.io.k8s.api.core.v1.ServiceAccount)3
Test (org.junit.jupiter.api.Test)3
GetServiceAccountRequest (com.google.storage.v2.GetServiceAccountRequest)2
ServiceAccount (org.bf2.cos.fleet.manager.model.ServiceAccount)2
DisplayName (org.junit.jupiter.api.DisplayName)2
ProjectName (com.google.storage.v2.ProjectName)1
KC (com.marcnuri.yakc.KubernetesClientExtension.KC)1
CoreV1Api (com.marcnuri.yakc.api.core.v1.CoreV1Api)1
Configuration (com.marcnuri.yakc.config.Configuration)1
Node (com.marcnuri.yakc.model.io.k8s.api.core.v1.Node)1
ObjectReference (com.marcnuri.yakc.model.io.k8s.api.core.v1.ObjectReference)1
Secret (com.marcnuri.yakc.model.io.k8s.api.core.v1.Secret)1
ObjectMeta (com.marcnuri.yakc.model.io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta)1
Quantity (io.fabric8.kubernetes.api.model.Quantity)1
IOException (java.io.IOException)1
AtomicInteger (java.util.concurrent.atomic.AtomicInteger)1
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)1
ConnectorDeployment (org.bf2.cos.fleet.manager.model.ConnectorDeployment)1
